Abstract
Web mashups, a new web application development paradigm, combine content and services from multiple origins into a new service. Web mashups heavily depend on interaction between content from multiple origins and communication with different origins. Contradictory, mashup security relies on separation for protecting code and data. Traditional HTML techniques fail to address both the interaction/communication needs and the separation needs. This paper proposes concrete requirements for building secure mashups, divided in four categories: separation, interaction, communication and advanced behavior control. For the first three categories, all currently available techniques are discussed in light of the proposed requirements. For the last category, we present three relevant academic research results with high potential. We conclude the paper by highlighting the most applicable techniques for building secure mashups, because of functionality and standardization. We also discuss opportunities for future improvements and developments. © 2012 Springer-Verlag.
Cite
CITATION STYLE
De Ryck, P., Decat, M., Desmet, L., Piessens, F., & Joosen, W. (2012). Security of web mashups: A survey. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 7127 LNCS, pp. 223–238). https://doi.org/10.1007/978-3-642-27937-9_16
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
